IETF Logo Mail Archive

Re: [TLS] [Technical Errata Reported] RFC4492 (2389)

Bodo Moeller <bmoeller@acm.org> Fri, 23 July 2010 09:28 UTC

Return-Path: <SRS0=Fwtl=O5=acm.org=bmoeller@srs.kundenserver.de>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 566043A6B2D for <tls@core3.amsl.com>; Fri, 23 Jul 2010 02:28:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.249
X-Spam-Level:
X-Spam-Status: No, score=-102.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NXewb31V5dli for <tls@core3.amsl.com>; Fri, 23 Jul 2010 02:28:43 -0700 (PDT)
Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.171]) by core3.amsl.com (Postfix) with ESMTP id 0AED73A6A17 for <tls@ietf.org>; Fri, 23 Jul 2010 02:28:42 -0700 (PDT)
Received: from dhcp-172-28-209-226.zrh.corp.google.com ([74.125.57.36]) by mrelayeu.kundenserver.de (node=mrbap0) with ESMTP (Nemesis) id 0LdKy1-1PK3k20Xbd-00iB8U; Fri, 23 Jul 2010 11:28:04 +0200
From: Bodo Moeller <bmoeller@acm.org>
To: RFC Errata System <rfc-editor@rfc-editor.org>
In-Reply-To: <20100723083243.410E2E0638@rfc-editor.org>
References: <20100723083243.410E2E0638@rfc-editor.org>
Message-Id: <540319A8-AD8A-49F9-B022-9308A65E5E40@acm.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Apple Message framework v936)
Date: Fri, 23 Jul 2010 11:28:02 +0200
X-Mailer: Apple Mail (2.936)
X-Provags-ID: V02:K0:KFoUKe2ON1lM+XxNMrIIXjzBt0uLcCHxUoUGPe8+CYc ExGcwn2RM/jmtYRZGFqIurwXxjMmiRsLLnkNvfcYk+U4I3RQ9q 4+0aEB0wLdbzw5eZkYLRzsgW89yiy3SEyIddvM7QizypxdEXFr RWF8JLBw/HSHQIQiFRTH7uD/TWzJ0V82oSZtxHviCNoQ2EUsT/ d0DFQ/Wba2WMLmR0FfKOw==
X-Mailman-Approved-At: Mon, 26 Jul 2010 01:26:47 -0700
Cc: ekr@rtfm.com, tim.polk@nist.gov, bodo@openssl.org, chris@corriente.net, nelson@bolyard.com, vipul.gupta@sun.com, tls@ietf.org
Subject: Re: [TLS] [Technical Errata Reported] RFC4492 (2389)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Jul 2010 09:34:18 -0000

On Jul 23, 2010, at 10:32 AM, RFC Errata System wrote:

>
> The following errata report has been submitted for RFC4492,
> "Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer  
> Security (TLS)".
>
> --------------------------------------
> You may review the report below and at:
> http://www.rfc-editor.org/errata_search.php?rfc=4492&eid=2389
>
> --------------------------------------
> Type: Technical
> Reported by: Juho Vähä-Herttua <juhovh@iki.fi>
>
> Section: 5.4
>
> Original Text
> -------------
>   point:   This is the byte string representation of an elliptic curve
>      point following the conversion routine in Section 4.3.6 of ANSI
>      X9.62 [7].  This byte string may represent an elliptic curve  
> point
>      in uncompressed or compressed format; it MUST conform to what the
>      client has requested through a Supported Point Formats Extension
>      if this extension was used.
>
>        enum { ec_basis_trinomial, ec_basis_pentanomial } ECBasisType;
>
>   ec_basis_trinomial:   Indicates representation of a characteristic-2
>      field using a trinomial basis.
>
>   ec_basis_pentanomial:   Indicates representation of a
>      characteristic-2 field using a pentanomial basis.
>
> Corrected Text
> --------------
>   point:   This is the byte string representation of an elliptic curve
>      point following the conversion routine in Section 4.3.6 of ANSI
>      X9.62 [7].  This byte string may represent an elliptic curve  
> point
>      in uncompressed or compressed format; it MUST conform to what the
>      client has requested through a Supported Point Formats Extension
>      if this extension was used.
>
>        enum {
>            ec_basis_trinomial(1), ec_basis_pentanomial(2),
>            (255)
>        } ECBasisType;
>
>   ec_basis_trinomial:   Indicates representation of a characteristic-2
>      field using a trinomial basis.
>
>   ec_basis_pentanomial:   Indicates representation of a
>      characteristic-2 field using a pentanomial basis.
>
> Notes
> -----
> The ECBasisType enumeration is submitted as part of the ECParameters  
> structure and therefore needs numerical values. It is common to  
> assign numerical values starting from 1 to enums and maximum value  
> of 255 should be enough, since currently there are only two known  
> basis types and it is unlikely to change in the near future.

Thanks, Juho.  Yes, the RFC text is wrong in not assigning enum values  
here, and the values that you suggest (1 and 2, with extra value 255  
to clearly state the intended width) are the ones that the  
specification would have used.

Using enum values 0 and 1 would have been equally possible, but this  
RFC tends to avoid value 0, except when specifying point compression  
in ECPointFormat, where 0 denotes the special "no compression"  
default.  For ECBasisType, there's no similar special default.

The implementations I'm aware of so far only provide named curves,  
i.e. ECBasisType is never actually encoded on the wire.  If anyone  
knows an existing implementation supporting explicit characteristic-2  
curves, I'd be glad to hear how it handles this issue -- I'd expect it  
would be using the enum values 1 and 2 as suggested here, but in case  
0 and 1 are in actual use somewhere, we'd have to think about  
maintaining compatibility.

Bodo



>
> Instructions:
> -------------
> This errata is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party (IESG)
> can log in to change the status and edit the report, if necessary.
>
> --------------------------------------
> RFC4492 (draft-ietf-tls-ecc-12)
> --------------------------------------
> Title               : Elliptic Curve Cryptography (ECC) Cipher  
> Suites for Transport Layer Security (TLS)
> Publication Date    : May 2006
> Author(s)           : S. Blake-Wilson, N. Bolyard, V. Gupta, C.  
> Hawk, B. Moeller
> Category            : INFORMATIONAL
> Source              : Transport Layer Security
> Area                : Security
> Stream              : IETF
> Verifying Party     : IESG

v2.23.0 | Report a Bug | By Email